Yesterday, Jailbreak Nation highlighted a bug with iOS 6.1 that allows users to bypass a passcode lock on an iPhone to access the phone function and contacts on the device. While the bug allows only limited access to the device and can require several attempts to achieve the correct timing to exploit, it is gaining significant attention today.

Quote:

1. Lock device
2. Slide to unlock
3. Tap emergency call
4. Hold sleep button until the power down prompt shows. Click cancel, you will notice the status bar turn blue. Type in 911 or your emergency number and click call then cancel it asap so the call dosen't go through.
5. Lock your device with the sleep button then turn it on using the home button.
6. Slide to unlock then hold the sleep button and in 3 seconds tap emergency call. This will spazz out the phone and cause it to open.

[Make sure to continuously hold the sleep button until you are done looking in the phone]

MacRumors encourages users to refrain from experimenting with the technique, as emergency calls that are not canceled soon enough may go through to operators.

The issue does appear to have been present in earlier versions of iOS as well, as Gizmodo points to a YouTube video posted in late January claiming that the method also works on iOS 6.0.1 and 6.0.2.

Similar bugs have appeared in previous versions of iOS, and Apple has generally moved fairly quickly to incorporate fixes into subsequent software updates once it becomes aware of the issues.

Update: One MacRumors reader notes that the technique does not appear to work if the user has turned off the "simple passcode" option to allow for more complex passcodes.

Update 2: AllThingsD notes that while Apple has yet to make an official comment on the issue, "sources close to the company say it is hard at work on a fix."

Update 3: AllThingsD has now updated its report with a response from Apple.

Quote:

"Apple takes user security very seriously" spokeswoman Trudy Muller told AllThingsD. "We are aware of this issue, and will deliver a fix in a future software update."

Are you guys seriously downplaying this bug? If I've lost my phone and it takes a few hours to realize that it's lost, I'd expect that during that time someone has not been able to pick up my phone and bypass my lock screen to steal my contact's information.

I don't know if I can blame this on lack of quality control. I still contend Apple has been skimping on that department over the past couple of years. Still, this is yet another serious bug to come out. How many more Apple before you acknowledge there is a problem and figure out a systematic fix?

Works for me. Can see all my contacts. Strange bug. I was even able to place a call once I was in, although it was a little glitchy! This could be useful if you want to place a call on someone's random phone.